
The OT cybersecurity strategy should be considered to develop a complete digital ecosystem

The OT cybersecurity strategy should be considered from the start to develop a complete digital ecosystem for successful IT and OT integration.


How Do We Manage OT Assets in the New Digital Workflow / OT and IT Integration?

I believe this is the question clients ask me most. I understand they are usually advised that using asset management tools will help, but I believe this is an incomplete answer.

For an OT asset owner, it makes more sense to monitor assets centrally, which solves multiple use cases that I would like to highlight.

Applicable use cases to consider when searching for a single solution:

  • Define levels of critical infrastructure aligned with the ISA-95/Purdue model.

  • Discover OT assets.

  • Governance management

  • Unified dashboards

  • Manage vulnerabilities and response centrally for multiple sites.

  • Collect data from multiple sources and aggregate it. A source can be as simple as an Excel file in which the operator keeps the full inventory list offline.

  • Make the change management process easier for operators.

  • Provide more visibility into the production environment for OT assets.

  • Notify the process owner, according to defined actions and policies, when any change happens in the fetched asset list.

  • Preventive management for OT assets
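
The aggregation and change-notification use cases above can be sketched as follows. This is an added example, not code from the original post or from any vendor product. It reconciles an operator's offline inventory sheet (exported as CSV) with a discovery feed and groups the findings per process owner, ordered by Purdue level. The column names, the MAC address as matching key, and all sample values are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample: the operator's offline inventory sheet, exported as CSV.
OFFLINE_INVENTORY = """mac,name,ip,purdue_level,firmware,owner
00:1d:9c:aa:00:01,PLC-01,10.10.1.11,1,2.3.1,line-a-ops
00:1d:9c:aa:00:02,HMI-01,10.10.2.21,2,5.0,line-a-ops
00:1d:9c:aa:00:03,HIST-01,10.10.3.5,3,9.1,site-it
"""

# Constructed sample: assets reported by a passive discovery/IDS feed.
DISCOVERED = [
    {"mac": "00:1D:9C:AA:00:01", "ip": "10.10.1.11", "purdue_level": 1, "firmware": "2.4.0"},
    {"mac": "00:1d:9c:aa:00:02", "ip": "10.10.2.21", "purdue_level": 2, "firmware": "5.0"},
    {"mac": "00:1d:9c:aa:00:09", "ip": "10.10.1.77", "purdue_level": 1, "firmware": "unknown"},
]
TRACKED = ("ip", "purdue_level", "firmware")  # fields whose change needs owner review

def load_inventory(text):
    """Index the offline inventory by MAC address (assumed to be the stable key)."""
    return {row["mac"].lower(): row for row in csv.DictReader(io.StringIO(text))}

def reconcile(inventory, discovered):
    """Return (level, owner, message) findings: unlisted, changed, or not-seen assets."""
    findings, seen = [], set()
    for d in discovered:
        mac = d["mac"].lower()
        seen.add(mac)
        rec = inventory.get(mac)
        if rec is None:  # on the network but missing from the inventory
            findings.append((int(d["purdue_level"]), "unassigned", f"UNLISTED {mac} at {d['ip']}"))
            continue
        for field in TRACKED:
            if str(d[field]) != rec[field]:
                findings.append((int(rec["purdue_level"]), rec["owner"],
                                 f"CHANGED {rec['name']} {field}: {rec[field]} -> {d[field]}"))
    for mac, rec in inventory.items():
        if mac not in seen:  # in the inventory but not observed by discovery
            findings.append((int(rec["purdue_level"]), rec["owner"], f"NOT SEEN {rec['name']}"))
    return sorted(findings)  # lowest Purdue level (closest to the process) first

def notifications(findings):
    """Group findings per process owner, keeping the priority order."""
    per_owner = defaultdict(list)
    for level, owner, message in findings:
        per_owner[owner].append(f"L{level}: {message}")
    return dict(per_owner)
```

Findings with the owner `unassigned` are devices that discovery saw but the inventory does not list, so they need triage before any change-management ticket can be routed.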

So is there really a single solution that works for all of the above use cases?

In the past we usually used multiple technology solutions, i.e.

  • Vulnerability management tool

  • CMDB tool

  • Asset discovery tools

  • Network monitoring

  • Change management tool

  • Log aggregator

I believe procuring most of the solutions listed above is currently the general practice, and very few customers are aware of their solution options.

A tool like OTM from ServiceNow might solve most of the listed use cases, as might similar competing tools in this space from BMC, Atlassian, SolarWinds or SAP.

In practice it will still require establishing connectors for the IDS solution used for the discovery use cases mentioned above, but it is a very thoughtful tool for a CTO or CISO to consider to ensure smooth operation for OT and IT integration. Digital workforces need this flexibility if we want to be ready for future sophisticated cyber-attacks that might emerge with the help of AI-guided tools. Hackers are already using similar tools nowadays to invent new techniques.

So, what do these connectors do? Do they replace the need for an IDS or IPS solution?

These IDS solutions enable connectors, which handle all configuration and import scheduling. Therefore, for a production environment you must configure your existing or planned IDS solution with connectors for Assets and Vulnerability Response (for the OT Security or Information Technology Management applications to function and provide coverage for all the use cases we set out to achieve).

The application integrates vulnerability findings with tools like the ServiceNow Security Operations and Vulnerability Response modules. Once configured, you can sync all security vulnerability findings into this centralized solution, including third-party vulnerabilities.

Conclusion

I would advise my connections, rather than buying solutions like IDS, risk management, change management and incident management as separate functional tools, to investigate the solution that fits well to create enhanced visibility for the overall production environment and add more protection to the OT infrastructure.

Creating this ecosystem from the start will help to get enough ROI.

I hope this information will help my many clients and friends who are always looking to establish a similar solution, roll out a strategy in the OT and IT integration space, and build operational resilience.
